CVE-2005-2475

Name of the Vulnerable Software and Affected Versions Unzip version 5.52

Description A race condition exists in Unzip, allowing local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed. This occurs because Unzip changes the permissions of the file after decompression is complete, which can be exploited by creating a hard link to the file being decompressed.

Recommendations For Unzip version 5.52, consider updating to a newer version that addresses this issue, as using a hard link attack on a file being decompressed can lead to unauthorized permission changes. At the moment, there is no information about a newer version that contains a fix for this vulnerability.